I sat the AWS Certified Developer Associate (DVA-C02) recently and passed. This is the retrospective I wish I had read before starting - what the exam actually tests, the services you need to know well, the concepts that trip people up, and which resources earned their place.
I came in comfortable across most of the exam’s services from day-to-day work, so for me this was more about confirming and formalising what I already knew than learning it fresh. Your starting point will shape where you spend time, so calibrate the advice accordingly.
For more content on other relevant certifications, check Certifications.
The exam at a glance
| Questions | 65 (50 scored, 15 unscored) |
| Time | 130 minutes |
| Format | Multiple choice and multiple response |
| Passing score | 720 out of 1000 (scaled) |
| Cost | 150 USD |
| Validity | 3 years |
The scaled score means you do not need 72% of questions right - scoring is normalised across question difficulty. Aim to be comfortably clear of the line rather than counting questions.
The four domains
DVA-C02 has four domains. The percentages are the share of scored content, straight from the exam guide - the bigger the share, the more of your study time it deserves.
Domain 1 - Development with AWS Services (32%)
The largest domain and the heart of a developer exam. Lambda, DynamoDB, and API Gateway show up everywhere. Know event-driven patterns, how services pass data, and the SDK behaviours - pagination, retries, and error handling. This is where hands-on time pays off the most.
Focus areas:
- Lambda - triggers, environment variables, layers, versions and aliases, concurrency
- DynamoDB - data modelling, partition vs sort keys, indexes (LSI vs GSI), capacity modes, streams
- API Gateway - REST vs HTTP APIs, integration types, stages, caching, throttling
- S3 - storage classes, lifecycle, presigned URLs, multipart upload, event notifications
- SQS and SNS - fan-out, FIFO vs standard, dead-letter queues
- Step Functions - standard vs express, when orchestration beats chaining Lambdas
- Caching - ElastiCache vs DAX, and where each fits
Domain 2 - Security (26%)
Bigger than people expect, and an easy domain to under-prepare for. It covers the practical IAM, encryption, and auth mechanics a developer wires into an application every day, not abstract security theory.
Focus areas:
- IAM - roles vs users, policy evaluation, assume-role, least privilege
- Cognito - user pools vs identity pools, and which problem each solves
- KMS - envelope encryption, customer-managed vs AWS-managed keys, key policies
- Secrets Manager vs SSM Parameter Store - rotation, cost, when to use which
- Encryption in transit and at rest across S3, DynamoDB, and the rest
- STS and temporary credentials
Domain 3 - Deployment (24%)
The CI/CD and packaging domain. If you have shipped anything through a pipeline this is familiar ground, but the exam wants the specific AWS service behaviours, not generic DevOps intuition.
Focus areas:
- The Code suite - CodeCommit, CodeBuild, CodeDeploy, CodePipeline and how they connect
- CodeDeploy deployment configs - all-at-once, linear, canary, and what each means for Lambda vs EC2
- SAM and CloudFormation - templates, change sets, nested stacks,
sam local - Elastic Beanstalk - deployment policies (rolling, immutable, blue/green)
- Environment configuration and artifact management
Domain 4 - Troubleshooting and Optimization (18%)
The smallest domain, but do not skip it - it leans on observability and the small operational details that the other domains gloss over. A handful of focused hours here is good value.
Focus areas:
- CloudWatch - metrics, custom metrics, logs, alarms, Logs Insights
- X-Ray - tracing, segments and subsegments, annotations vs metadata
- Lambda performance - cold starts, memory-to-CPU relationship, timeouts
- Exponential backoff with jitter, and handling throttling
- Reading and reacting to API error codes
Services to know well
If you can explain what each of these does, when to reach for it, and one thing it is commonly confused with, you are in good shape:
| Service | Know this about it |
|---|---|
| Lambda | Concurrency models, versions/aliases, layers, env vars |
| DynamoDB | Key design, LSI vs GSI, on-demand vs provisioned, streams |
| API Gateway | REST vs HTTP, integration types, throttling, caching |
| S3 | Storage classes, presigned URLs, event notifications |
| IAM | Policy evaluation logic, roles vs users, assume-role |
| Cognito | User pools (authn) vs identity pools (AWS access) |
| KMS | Envelope encryption, key policies vs IAM |
| SQS / SNS | FIFO vs standard, fan-out, DLQs, visibility timeout |
| Step Functions | Standard vs express, orchestration over chaining |
| SAM | Local testing, template.yaml, transform |
| CodeDeploy | Deployment configs and rollback triggers |
| X-Ray | Tracing model, annotations vs metadata |
Easy things to mix up
These are the pairs and details that the exam likes to probe. Knowing the distinction cleanly is worth more than memorising any single service:
- Cognito user pools vs identity pools - user pools authenticate users (who are you), identity pools hand out AWS credentials (what can you access). Questions blur the two on purpose.
- DynamoDB on-demand vs provisioned - on-demand for unpredictable traffic, provisioned (with auto scaling) for steady, forecastable load. Watch for cost-driven wording.
- LSI vs GSI - LSI shares the partition key and must be created at table creation; GSI has its own keys and can be added later.
- Lambda reserved vs provisioned concurrency - reserved caps and guarantees a slice of the account limit; provisioned keeps instances warm to kill cold starts. They solve different problems.
- CodeDeploy configs - all-at-once, linear, and canary differ in blast radius and rollout speed. Know which suits a low-risk vs high-risk deploy.
- Secrets Manager vs Parameter Store - Secrets Manager has built-in rotation and costs per secret; Parameter Store is cheaper and fine for non-rotating config.
- SQS visibility timeout vs message retention - visibility timeout hides an in-flight message; retention is how long an unconsumed message survives.
- Exponential backoff with jitter - the standard fix for throttling and transient errors. If a question describes retry storms, this is usually what it is after.
- STS / assume-role - reach for temporary credentials whenever cross-account access comes up, not long-lived keys.
Resources
There is no shortage of DVA-C02 material. These are the ones worth your time, ranked by how much they actually helped.
Essential
- Exam Guide (DVA-C02) - read the source. The domain breakdown and in-scope services list are the syllabus.
- Tutorials Dojo practice exams (Jon Bonso) - the most useful practice material for AWS associate exams. The explanations teach as much as the questions. Closest thing to a single must-buy.
- Official Practice Question Set and Official Practice Exam - calibrate against AWS-authored questions before the real thing.
- A real AWS account on the free tier - build a Lambda, wire it to DynamoDB and API Gateway, deploy it through CodePipeline. The hands-on sticks far better than reading.
Useful
- Stephane Maarek’s DVA-C02 course - if you prefer video and want a guided path through every service. Pick this or a written guide, not both.
- DigitalCloud cheat sheets - good for last-week revision once the concepts are already in place.
- Per-service FAQ pages (Lambda FAQs, DynamoDB FAQs, and so on) - AWS exam questions lean heavily on FAQ-level detail. High yield for the time spent.
- Resources to prepare (community.aws) - a decent jumping-off point to the official material.
Skip if you are tight on time
- Towards the Cloud study guide and the dev.to write-ups (study guide, how I passed) - useful for orientation and motivation, but they overlap heavily with the guide and your own practice. Read one, skim the rest.
- Rishab Kumar’s CloudNotes - handy as a quick reference, not a primary study source.
Notes
- Do a timed practice exam early, even before you feel ready - it surfaces the gaps while there is still time to close them.
- The exam rewards the services you do not touch day to day as much as the ones you do. The practice exams are what flush out those blind spots.
- If you write infrastructure as code already, lean on it - building these services is the fastest way to internalise them. My AWS CDK series covers a lot of the same services from the building side.
- Treat the exam guide as the syllabus and the practice exams as the gap finder. Everything else is supporting material.
- Score is scaled - aim to clear 720 comfortably rather than chasing a number on practice tests.